The softly, softly software war

By John MarkoffJuly 15 2003
Next

Sitting at his notebook computer in a hotel near Toronto last October,
Gregory Gabrenya was alarmed by what he discovered in the sales-support database
of his new employer, Platform Software: the names of more than 30 employees of
the United States National Security Agency.

The security agency, one of many federal supercomputer users that rely on
Platform's software, generally keeps the identities of its employees under
wraps.

But Gabrenya, who had just joined Platform as a salesman, found the names on
a list of potential customer contacts for Platform's sales team.

The discovery crystallised his growing concern that the company was perhaps
too lax about the national security needs of its US Government customers in the
military, intelligence and research.

"Anyone who had an account on the system could see this list," Gabrenya says. "They shouldn't be seeing this information and I shouldn't be seeing
it."

");document.write("

advertisement

");
}
}
// -->

What really worries him, he says, is that Platform, although based in
Markham, Ontario, maintains a software maintenance and testing operation in
Beijing.

He repeatedly raised the concerns with Platform executives who said his fears
were unfounded. In March, Gabrenya was let go by Platform. The company said he
had not met sales goals.

However, Gabrenya, 42, says his whistle-blowing led to his dismissal but
emphasises that he had seen no evidence of espionage or other wrongdoing by
Platform employees in Canada or China.

He says he is concerned that sensitive government information is not being
adequately protected and that the Chinese software operation could be
infiltrated by foreign agents who could tamper with software being used by US
Government agencies.

The issues Gabrenya raises are part of a growing tension in the information
technology industry as more crucial computer programming is being done outside
the US, either as exported jobs or by foreign competitors.

The trend poses risks, in the view of some US Government officials, because
of the potential for foreign spies to sneak illicit code into critical programs
and because the US is losing its dominance in information technology.

The chief technologist from the General Accounting Office, Keith Rhodes,
says: "Software is so goofy because there is so many lines of code that hiding
trojans inside the system is the easiest thing in the world to do.

"Setting aside national security, we're also talking about a tremendous
advantage you give to your national competitors."

The concerns cut both ways. The Chinese Government has repeatedly accused the
US military and intelligence organisations of trying to conduct espionage by
manipulating US products sold in China. The tracking features in Intel's
microprocessors and Microsoft's operating system software are of particular
concern to Chinese officials, which is one reason why China is intent on
expanding its own technology industry.

An analyst at the RAND Corp, James Mulvenon, says: "The Chinese emergence as
a global workshop for information technology presents us with a new area of
export control challenges."

Platform dominates the market for software that enables clusters of powerful
computers to work together. It has several US federal customers and computer
makers including Dell, IBM and Silicon Graphics.

The company was co-founded in 1992 by Chinese-born computer scientist,
Songnian Zhou, who received his PhD from the University of California, at
Berkeley. He remains Platform's chief technology officer.

Gabrenya, who is still looking for work, says that shortly after he was hired
by Platform he began raising his concerns with company executives, first in
person and then in writing.

However, Platform disputes Gabrenya's charges, saying the company has
stringent rules to separate its foreign operations from its domestic software
development process and computer systems.

The company says that no software for customers in the US Government is
developed in China and that it had informed them about its test and maintenance
organisation in China.

†But several of the company's other US Government customers say they are
aware of Platform's operation in China and are not concerned.

A spokesman for the Los Alamos National Laboratory says that dealing with
software written outside the US is now a normal occurrence.